diff --git a/g10/keyserver.c b/g10/keyserver.c index 31037c01d..30e8ae6d6 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -1993,7 +1993,7 @@ keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len) if(domain) *domain='.'; - type=get_cert(look,max_cert_size,&key,&url); + type=get_cert(look,max_cert_size,&key,NULL,NULL,&url); if(type==1) { int armor_status=opt.no_armor; diff --git a/include/ChangeLog b/include/ChangeLog index 733ca20db..de666b972 100644 --- a/include/ChangeLog +++ b/include/ChangeLog @@ -1,3 +1,7 @@ +2006-03-16 David Shaw + + * util.h: Handle the fixed IPGP type with fingerprint. + 2006-02-14 Werner Koch * errors.h (G10ERR_NO_DATA): New. diff --git a/include/util.h b/include/util.h index eba1c84f0..ee25be12e 100644 --- a/include/util.h +++ b/include/util.h @@ -1,6 +1,6 @@ /* util.h - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 - * 2004 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, + * 2006 Free Software Foundation, Inc. * * This file is part of GNUPG. * @@ -257,7 +257,8 @@ int asprintf (char **buf, const char *fmt, ...); char *get_pka_info (const char *address, unsigned char *fpr); /*-- cert.c --*/ -int get_cert(const char *name,size_t max_size,IOBUF *iobuf,char **url); +int get_cert(const char *name,size_t max_size,IOBUF *iobuf, + unsigned char **fpr,size_t *fpr_len,char **url); /**** other missing stuff ****/ #ifndef HAVE_ATEXIT /* For SunOS */ diff --git a/util/ChangeLog b/util/ChangeLog index e00f146fb..b528ef0af 100644 --- a/util/ChangeLog +++ b/util/ChangeLog @@ -1,3 +1,7 @@ +2006-03-16 David Shaw + + * cert.c (get_cert): Handle the fixed IPGP type with fingerprint. + 2006-03-08 David Shaw * argparse.c (default_strusage): Update copyright year to 2006. diff --git a/util/cert.c b/util/cert.c index e37544e01..bae1b196f 100644 --- a/util/cert.c +++ b/util/cert.c @@ -1,5 +1,5 @@ /* cert.c - DNS CERT code - * Copyright (C) 2005 Free Software Foundation, Inc. + * Copyright (C) 2005, 2006 Free Software Foundation, Inc. * * This file is part of GNUPG. * @@ -33,6 +33,7 @@ #include "memory.h" #endif #include "iobuf.h" +#include "util.h" /* Not every installation has gotten around to supporting CERTs yet... */ @@ -45,12 +46,19 @@ /* Returns -1 on error, 0 for no answer, 1 for PGP provided and 2 for IPGP provided. */ int -get_cert(const char *name,size_t max_size,IOBUF *iobuf,char **url) +get_cert(const char *name,size_t max_size,IOBUF *iobuf, + unsigned char **fpr,size_t *fpr_len,char **url) { unsigned char *answer; int r,ret=-1; u16 count; + if(fpr) + *fpr=NULL; + + if(url) + *url=NULL; + answer=xmalloc(max_size); r=res_query(name,C_IN,T_CERT,answer,max_size); @@ -90,7 +98,8 @@ get_cert(const char *name,size_t max_size,IOBUF *iobuf,char **url) pt+=rc; - /* Truncated message? */ + /* Truncated message? 15 bytes takes us to the point where + we start looking at the ctype. */ if((emsg-pt)<15) break; @@ -127,26 +136,41 @@ get_cert(const char *name,size_t max_size,IOBUF *iobuf,char **url) dlen-=5; - if(ctype==3 && iobuf) + /* 15 bytes takes us to here */ + + if(ctype==3 && iobuf && dlen) { /* PGP type */ *iobuf=iobuf_temp_with_content((char *)pt,dlen); ret=1; break; } -#if 0 - else if(ctype==6 && dlen<1023 && url) + else if(ctype==6 && dlen && dlen<1023 && dlen>=pt[0]+1 + && fpr && fpr_len && url) { - /* Sanity check the IPGP URL type that the URL isn't too - long */ + /* IPGP type */ + *fpr_len=pt[0]; + + if(*fpr_len) + { + *fpr=xmalloc(*fpr_len); + memcpy(*fpr,&pt[1],*fpr_len); + } + else + *fpr=NULL; + + if(dlen>*fpr_len+1) + { + *url=xmalloc(dlen-(*fpr_len+1)+1); + memcpy(*url,&pt[*fpr_len+1],dlen-(*fpr_len+1)); + (*url)[dlen-(*fpr_len+1)]='\0'; + } + else + *url=NULL; - *url=xmalloc(dlen+1); - memcpy(*url,pt,dlen); - (*url)[dlen]='\0'; ret=2; break; } -#endif /* Neither type matches, so go around to the next answer. */ pt+=dlen; @@ -162,7 +186,8 @@ get_cert(const char *name,size_t max_size,IOBUF *iobuf,char **url) #else /* !USE_DNS_CERT */ int -get_cert(const char *name,size_t max_size,IOBUF *iobuf,char **url) +get_cert(const char *name,size_t max_size,IOBUF *iobuf, + unsigned char **fpr,size_t *fpr_len,char **url) { return -1; } @@ -175,6 +200,8 @@ get_cert(const char *name,size_t max_size,IOBUF *iobuf,char **url) int main(int argc,char *argv[]) { + unsigned char *fpr; + size_t fpr_len; char *url; int rc; IOBUF iobuf; @@ -187,7 +214,7 @@ main(int argc,char *argv[]) printf("CERT lookup on %s\n",argv[1]); - rc=get_cert(argv[1],16384,&iobuf,&url); + rc=get_cert(argv[1],16384,&iobuf,&fpr,&fpr_len,&url); if(rc==-1) printf("error\n"); else if(rc==0) @@ -199,7 +226,23 @@ main(int argc,char *argv[]) } else if(rc==2) { - printf("URL found: %s\n",url); + if(fpr) + { + size_t i; + printf("Fingerprint found (%d bytes): ",fpr_len); + for(i=0;i